Items tagged with seriously WTF

Verizon's Risk Team has published a blog post on a mind-boggling security adventure (it's the only term that really fits) detailing just how poorly some IT workers -- including those working for "critical infrastructure" companies -- understand the meaning of the term. The saga began when a US-based company contacted the VRT, asking for their help in tracing a puzzling VPN connection. The company had conducted an audit of its own VPN and found a sustained, regular connection being maintained from Shenyang, China. That's bad. Worse, the company had deployed a two-factor authentication system that...Read more...